Uploaded image for project: 'XWiki Platform'
  1. XWiki Platform
  2. XWIKI-8131

Security authorization component should log denied access for simple right inquiry at debug level

    XMLWordPrintable

    Details

    • Type: Improvement
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 4.2-milestone-2
    • Fix Version/s: 4.2-milestone-3
    • Component/s: Security
    • Labels:
      None
    • Difficulty:
      Unknown
    • Documentation:
      N/A
    • Documentation in Release Notes:
      N/A
    • Similar issues:

      Description

      In the new security API, there is a clear separation between access check made at security checkpoints, and access verification made for interface customization. During a simple verification, denied right are expected events that should be logged at debug level.
      Current implementation logs all denied access at info level.

        Attachments

          Activity

            People

            Assignee:
            softec Denis Gervalle
            Reporter:
            softec Denis Gervalle
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved: